
Salesloft Drift compromised en masse, impacting all third-party integrations

28 August 2025 at 15:26

The compromise of Salesloft Drift customers is a much more expansive downstream attack spree than previously thought, potentially ensnaring any customer that integrated the AI chat agent platform with another service.

“We’re telling organizations to treat any Drift integration into any platform as potentially compromised, so that increases the scope of victims,” Mandiant Consulting CTO Charles Carmakal told CyberScoop. This expanded attack radius includes Google Workspace customers that integrated Salesloft Drift into their instances. Victims have been notified that Google has found evidence of compromise.

Freshly uncovered evidence shows that the threat actor, which Google tracks as UNC6395, didn’t just hit Salesforce customers who used Salesloft Drift, as Salesloft claimed Tuesday.

“This just really blows wide open the scope here,” said Austin Larsen, principal threat analyst at Google Threat Intelligence Group.

Salesloft Drift provides integrations with 58 third-party tools for customer relationship management, automation, analytics, sales, communications and support, according to a third-party integration guide the vendor updated last month.

Salesloft updated its security blog to confirm that impact is much more severe and widespread. The company said it’s working with Mandiant, Google Cloud’s incident response division, and cyber insurer Coalition to assist in an ongoing investigation.

The sales engagement platform, a variant of CRM, is now recommending all Drift customers who manage connections to third-party applications via API key to revoke the existing key and rotate to a new key. Salesloft, which acquired Drift in February 2024, did not respond to a request for comment. 

In response to the widening security incident, Salesforce said late Wednesday it disabled the connection between Drift and Salesforce, rendering those integrations defunct. Salesforce declined to answer questions and maintains the issue does not involve a vulnerability in the Salesforce platform.

While the number of victims has grown, Google is sticking to the estimates it shared Tuesday, reiterating that more than 700 organizations are potentially impacted. Yet, it’s clear researchers are still working to identify all potential paths of compromise. 

“We’ve seen evidence of other platforms that were impacted as well,” Carmakal said.

The exposure could also involve former Drift customers. Mandiant identified one victim that may have been a former Drift customer, but researchers are still working to confirm those details. 

GTIG said the financially motivated threat group UNC6395 has also retrieved OAuth tokens for multiple services, including some that allowed it to “access email from a very small number of Google Workspace accounts.” The attackers primarily sought to steal credentials to compromise other systems connected to initial victims, as it specifically searched for Amazon Web Services access keys, virtual private network credentials and Snowflake credentials.

The root cause of the attacks, specifically how UNC6395 gained initial access to Salesloft Drift, remains unconfirmed. Researchers are also working to determine the full extent of the compromise within Salesloft Drift’s infrastructure.

“We are working with Salesloft Drift to investigate the root cause of what occurred and then it’ll be up to them to publish that,” Carmakal said. “There will be a lot more tomorrow, and the next day, and the next day.”

The post Salesloft Drift compromised en masse, impacting all third-party integrations appeared first on CyberScoop.

Hundreds of Salesforce customers impacted by attack spree linked to third-party AI agent

26 August 2025 at 16:32

Google Threat Intelligence Group warned about a “widespread data theft campaign” that compromised hundreds of Salesforce customers over a 10-day span earlier this month. 

According to a report published Tuesday, researchers say a threat group Google tracks as UNC6395 stole large volumes of data from Salesforce customer instances by using stolen OAuth tokens from Salesloft Drift, a third-party AI chat agent for sales and leads. Google said the attack spree occurred from at least Aug. 8 to Aug. 18.

“GTIG is aware of over 700 potentially impacted organizations,” Austin Larsen, principal threat analyst at GTIG, told CyberScoop. “The threat actor used a Python tool to automate the data theft process for each organization that was targeted.”

The attackers primarily sought to steal credentials to compromise other systems connected to the initial victims, according to Google. UNC6395 specifically searched for Amazon Web Services access keys, virtual private network credentials and Snowflake credentials.

“Using a single token stolen from Salesloft, the threat actor was able to access tokens for any Drift linked organization. The threat actor then used the Salesforce tokens to directly access that data and exfiltrate it to servers, where they looked for plaintext credentials including Amazon, Snowflake and other passwords,” said Tyler McLellan, principal threat analyst at GTIG.

Mandiant Consulting, Google’s incident response firm, hasn’t observed further use of the stolen credentials in any current investigations, he said. 

Salesloft confirmed the intrusions in a security update Monday and said all impacted customers have been notified. The company first issued an alert about malicious activity targeting Salesloft Drift applications integrated with Salesforce on Aug. 19.

Salesloft said it worked with Salesforce to revoke all active access and refresh tokens for the application and asserts the impact is limited to customers integrated with Salesforce. Google said the attacks stopped once Salesloft and Salesforce revoked access on Aug. 20. 

Salesforce, in a statement Tuesday, said a “small number of customers” were impacted, adding “this issue did not stem from a vulnerability within the core Salesforce platform, but rather from a compromise of the app’s connection.” 

Google advised Salesloft Drift customers integrated with Salesforce to consider their data compromised, search for secrets contained in their Salesforce instances and remediate by revoking API keys, rotating credentials and investigating further. 
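Google’s advice to search Salesforce instances for secrets, and the attacker’s own hunt for AWS access keys, VPN credentials and Snowflake credentials described above, can be turned into a triage pass over an export of the instance. The script below is an added example for this page, not tooling from Google, Salesloft or Salesforce: the records are constructed to look like Case rows from a SOQL or Bulk API export, the field names mirror the Salesforce Case object, and the regexes are heuristics chosen here (the `AKIA`/`ASIA` prefix and 20-character length of an AWS access key ID are documented by AWS; the rest key off labels people paste into tickets).

```python
import hashlib
import re
from dataclasses import dataclass

# Constructed sample: Case-style records as a Salesforce export would return them.
# Made up for this example (the AWS key is AWS's published example key), not real data.
SAMPLE_RECORDS = [
    {"Id": "500000000000001", "Object": "Case",
     "Description": "Customer shared creds in ticket: AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE "
                    "AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"},
    {"Id": "500000000000002", "Object": "Case",
     "Description": "Snowflake account acme-prod.snowflakecomputing.com user ETL_SVC password: Wint3r!2024"},
    {"Id": "500000000000003", "Object": "Case",
     "Description": "VPN login for contractor: username jdoe, vpn password = CorpVPN#77"},
    {"Id": "500000000000004", "Object": "Case",
     "Description": "Regular support note, nothing sensitive; order AKIA shipped."},
]

# Heuristic patterns (assumptions for this example, not a vendor signature set).
PATTERNS = [
    ("aws_access_key_id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("aws_secret_access_key",
     re.compile(r"aws[_-]?secret[_-]?access[_-]?key\s*[:=]\s*([A-Za-z0-9/+=]{40})", re.I)),
    ("snowflake_account_host",
     re.compile(r"\b[a-z0-9][a-z0-9_.-]*\.snowflakecomputing\.com\b", re.I)),
    ("password", re.compile(r"\b(?:password|passwd|pwd)\b\s*[:=]\s*(\S+)", re.I)),
]

# Kinds whose matched value must never be written to the triage report in clear.
SECRET_KINDS = {"aws_secret_access_key", "password", "vpn_password"}


@dataclass(frozen=True)
class Finding:
    record_id: str
    sobject: str
    field: str
    kind: str
    display: str  # identifier shown in full; a secret is shown only as a fingerprint


def _display(kind: str, value: str) -> str:
    """Identifiers (key IDs, hostnames) are needed to locate what to rotate; secrets are hashed."""
    if kind in SECRET_KINDS:
        digest = hashlib.sha256(value.encode()).hexdigest()[:12]
        return f"<redacted sha256:{digest} len={len(value)}>"
    return value


def scan_text(record_id: str, sobject: str, field: str, text: str) -> list[Finding]:
    findings = []
    for kind, pattern in PATTERNS:
        for m in pattern.finditer(text):
            value = m.group(1) if m.groups() else m.group(0)
            label = kind
            # A password mentioned near "vpn" is reported as a VPN credential so it
            # can be routed to the right owner for rotation.
            if kind == "password" and re.search(r"\bvpn\b", text[max(0, m.start() - 40):m.start()], re.I):
                label = "vpn_password"
            findings.append(Finding(record_id, sobject, field, label, _display(label, value)))
    return findings


def scan_records(records, fields=("Subject", "Description")) -> list[Finding]:
    """Scan the free-text fields of each exported record; missing fields are skipped."""
    findings = []
    for rec in records:
        for field in fields:
            text = rec.get(field) or ""
            if text:
                findings.extend(scan_text(rec["Id"], rec.get("Object", "?"), field, text))
    return findings


def records_needing_rotation(findings) -> list[str]:
    """Record IDs with at least one hit: treat every secret in them as exposed."""
    return sorted({f.record_id for f in findings})


if __name__ == "__main__":
    hits = scan_records(SAMPLE_RECORDS)
    for f in hits:
        print(f"{f.sobject} {f.record_id} {f.field}: {f.kind} -> {f.display}")
    print("rotate credentials referenced in records:", records_needing_rotation(hits))
```

In a real instance the same pass should cover Subject, Comments, chatter posts, custom long-text fields and attachments, since the attacker read whole objects rather than one field. A hit is not a question of whether the secret was seen: Google’s guidance is to assume the data was taken, so the key is revoked and rotated at the issuing provider (AWS, Snowflake, the VPN) regardless of what the access logs show, and an empty report is not proof that nothing was exposed.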

Google hasn’t yet determined UNC6395’s origins or motivations. The attack spree was “broad and opportunistic, and appeared to take advantage of any organization using the Salesloft Drift integration with Salesforce,” McLellan said.

AppOmni CSO Cory Michal said the compromise and abuse of OAuth tokens and cloud-to-cloud integrations have long been a known blind spot in most enterprises. Yet the sheer scale and discipline of the attacks are surprising, he said.

“The attacker methodically queried and exported data across many environments,” Michal added. “They demonstrated a high level of operational discipline, running structured queries, searching specifically for credentials, and even attempting to cover their tracks by deleting jobs. The combination of scale, focus and tradecraft makes this campaign stand out.”

The post Hundreds of Salesforce customers impacted by attack spree linked to third-party AI agent appeared first on CyberScoop.

Former Army soldier pleads guilty to widespread attack spree linked to AT&T, Snowflake and others

15 July 2025 at 18:35

A 21-year-old former Army soldier pleaded guilty Tuesday to charges stemming from a series of attacks and extortion attempts last year on telecommunications companies, including AT&T. 

Cameron John Wagenius, who identified himself as “kiberphant0m” and “cyb3rph4nt0m” on online criminal forums, conducted extensive malicious activity for years, including while he was on active duty, the Justice Department said. 

Wagenius pleaded guilty to conspiring to commit wire fraud, extortion in relation to computer fraud and aggravated identity theft. He faces a maximum of 27 years in prison for the charges and is scheduled for sentencing on Oct. 6. Wagenius previously pleaded guilty to two counts of unlawful transfer of confidential phone records information in connection with this conspiracy, the Justice Department said.

“This is one of the most significant wins in the fight against cybercrime,” Allison Nixon, chief research officer at Unit 221B, told CyberScoop. “The cybersecurity workers helping the victims through a storm, federal law enforcement with the fastest federal arrest I have ever witnessed, and the prosecutors now destroying them in court — all brought their A game and they deserve to celebrate tonight.”

Details prosecutors shared about Wagenius as part of their ongoing investigation underscore the bold actions cybercriminals take to extort multiple victims at scale and evade capture. Prior to his arrest in December, Wagenius attempted to sell stolen information to a foreign intelligence service as part of a broader attempt to defect to Russia or another country that he believed would allow him to avoid arrest.

Officials said Wagenius and co-conspirators attempted to defraud at least 10 victim organizations by obtaining login credentials for the organizations’ networks. In November, Wagenius made multiple attempts to extort $500,000 from a major telecommunications company while threatening to leak call records of high-ranking public officials, according to court documents filed in February.

“[Wagenius’] greatest significance is in how absolutely destroyed he’s getting,” Nixon said, adding that he was part of a gang that made threats against Nixon and Unit 221B, which specializes in breaking the anonymity of English-speaking cybercriminals.

“He was in the Army, living on base in Texas, when he leaked the hacked call records of President Trump and his family in a failed bid to extort AT&T,” Nixon said. “He pled guilty without even a plea bargain, and the government might still file additional charges. Amazing.”

Authorities did not name Wagenius’ alleged victims in court filings. AT&T in July 2024 confirmed cybercriminals accessed the company’s Snowflake environment in April of that year and stole six months of phone and text records of “nearly all” of its customers.

Wagenius’ alleged co-conspirators, Connor Moucka and John Binns, were indicted in November for allegedly extorting more than 10 organizations after breaking into cloud platforms used by AT&T and other major companies. Moucka, a Canadian citizen, consented to extradition to the United States in March to face 20 federal charges stemming from his alleged involvement in a series of attacks targeting as many as 165 Snowflake customers, one of the most widespread and damaging attack sprees on record.

Some of the records allegedly in Wagenius’ possession were stolen in the attack spree on Snowflake customer databases, according to cybercrime researchers. Federal law enforcement also found evidence on Wagenius’ seized devices indicating he had access to thousands of stolen identification documents and large amounts of cryptocurrency.

Justice Department officials said Wagenius and his co-conspirators attempted to extort at least $1 million from victim data owners. “They successfully sold at least some of this stolen data and also used stolen data to perpetuate other frauds, including SIM-swapping,” officials said in a news release.

“Cybercriminals are shockingly slow to update their threat model, and still operate on the assumption that they won’t be jailed and will get a job in the industry afterwards,” Nixon said. “As multi-decade sentences pile up, reality will set in: Brazen cybercriminals are much more likely to die in prison than they used to, and anonymity isn’t real.”

The post Former Army soldier pleads guilty to widespread attack spree linked to AT&T, Snowflake and others appeared first on CyberScoop.
